Rootkit.Linux.Snakso.a is designed to infect the Linux kernel version 2.6.32-5-amd64 and adds an iframe to all served web pages by the infected Linux server via the nginx proxy.
The malware appears to be in its development stages as the code is rather large (more than 500k, including debugging information) and Kaspersky noted that "some of the functions donÃ­t seem to be fully working or they are not fully implemented yet."